Fix stack config

bin/stack/stack_definitions/stroom_core/env_vars_whitelist.txt

@@ -43,9 +43,6 @@ STROOM_STATS_DB_PASSWORD
 # Relax security for when the stack is running with the default certs
 STROOM_PROXY_LOCAL_REST_CLIENT_VERIFY_HOSTNAME=false
 
-# Allow proxy to authenticate with no token for testing
-# This entry in the env file will be edited by the CI build
-USE_DEFAULT_OPEN_ID_CREDENTIALS
 # Allow proxy to authenticate with no token for testing
 # stroom_core stack should not have default creds enabled by default
 # to stop people installin an instance and not realising insecure creds

bin/stack/stack_definitions/stroom_core/overrides.env

@@ -10,10 +10,5 @@ STROOM_SERVICE_DISCOVERY_ENABLED="false"
 # and without one the email health checks will fail
 #STROOM_AUTH_ALLOW_PASSWORD_RESETS="false"
 
-STROOM_PROXY_LOCAL_STORING_ENABLED=true
-
-# Stroom 7.2 has no proxy aggregation so we have to forward
-STROOM_PROXY_LOCAL_FORWARDING_ENABLED="true"
-
 # Forward aggregated data to stroom as stroom 7.2 has no proxy aggregation.
 STROOM_PROXY_LOCAL_FORWARD_URL="https://nginx/stroom/datafeeddirect"

bin/stack/stack_definitions/stroom_core_test/env_vars_whitelist.txt

@@ -38,20 +38,21 @@ STROOM_NGINX_DOCKER_REPO
 STROOM_PROXY_DOCKER_REPO
 STROOM_PROXY_HOST
 STROOM_PROXY_LOCAL_FEED_STATUS_URL
-STROOM_PROXY_LOCAL_STORING_ENABLED
 STROOM_PROXY_REMOTE_FEED_STATUS_URL
 STROOM_PROXY_REMOTE_FORWARDING_ENABLED
-STROOM_PROXY_REMOTE_STORING_ENABLED
 STROOM_STATS_DB_HOST
 STROOM_STATS_DB_PASSWORD
 
 # Relax security for when the stack is running with the default certs
 STROOM_PROXY_LOCAL_REST_CLIENT_VERIFY_HOSTNAME=false
+STROOM_PROXY_LOCAL_REST_CLIENT_VERIFY_HOSTNAME=false
+
 STROOM_PROXY_REMOTE_REST_CLIENT_VERIFY_HOSTNAME=false
 STROOM_PROXY_REMOTE_FORWARDING_HOST_VERIFICATION_ENABLED=false
 
 # Allow proxy to authenticate with no token for testing
 STROOM_IDENTITY_PROVIDER_TYPE=TEST_CREDENTIALS
-USE_DEFAULT_OPEN_ID_CREDENTIALS=true
+STROOM_PROXY_LOCAL_IDENTITY_PROVIDER_TYPE=TEST_CREDENTIALS
+STROOM_PROXY_REMOTE_IDENTITY_PROVIDER_TYPE=TEST_CREDENTIALS
 
 # vim: set filetype=sh:

bin/stack/stack_definitions/stroom_core_test/overrides.env

@@ -1,7 +1,5 @@
 # shellcheck disable=SC2034
 
-STROOM_PROXY_LOCAL_FORWARDING_ENABLED="true"
-
 # Forward aggregated data to stroom as stroom 7.2 has no proxy aggregation.
 STROOM_PROXY_LOCAL_FORWARD_URL="https://nginx/stroom/datafeeddirect"
 

bin/stack/stack_definitions/stroom_full/env_vars_whitelist.txt

@@ -37,10 +37,8 @@ STROOM_PROXY_HOST
 STROOM_STATS_ADVERTISED_HOST_OR_IP
 STROOM_PROXY_LOCAL_FEED_STATUS_URL
 STROOM_PROXY_LOCAL_FORWARDING_ENABLED
-STROOM_PROXY_LOCAL_STORING_ENABLED
 STROOM_PROXY_REMOTE_FEED_STATUS_URL
 STROOM_PROXY_REMOTE_FORWARDING_ENABLED
-STROOM_PROXY_REMOTE_STORING_ENABLED
 STROOM_STATS_ADVERTISED_HOST_OR_IP
 STROOM_STATS_DB_HOST
 STROOM_STATS_DB_PASSWORD

bin/stack/stack_definitions/stroom_full_test/env_vars_whitelist.txt

@@ -37,10 +37,8 @@ STROOM_STATS_ADVERTISED_HOST_OR_IP
 #STROOM_PROXY_LOCAL_CONTENT_SYNC_ENABLED - commented out as rulesets are not ready for use
 STROOM_PROXY_LOCAL_FEED_STATUS_URL
 STROOM_PROXY_LOCAL_FORWARDING_ENABLED
-STROOM_PROXY_LOCAL_STORING_ENABLED
 STROOM_PROXY_REMOTE_FEED_STATUS_URL
 STROOM_PROXY_REMOTE_FORWARDING_ENABLED
-STROOM_PROXY_REMOTE_STORING_ENABLED
 STROOM_STATS_ADVERTISED_HOST_OR_IP
 STROOM_STATS_DB_PASSWORD
 STROOM_STATS_DB_HOST

bin/stack/stack_definitions/stroom_proxy/env_vars_whitelist.txt

@@ -20,4 +20,6 @@ STROOM_LOG_SENDER_PRIVATE_KEY_FILE
 STROOM_NGINX_DOCKER_REPO
 STROOM_PROXY_DOCKER_REPO
 
+STROOM_PROXY_REMOTE_FORWARD_URL
+
 # vim: set filetype=sh:

bin/stack/stack_definitions/stroom_proxy/overrides.env

@@ -6,8 +6,6 @@ STROOM_PROXY_REMOTE_FORWARDING_ENABLED="true"
 STROOM_PROXY_REMOTE_FORWARDING_HOST_VERIFICATION_ENABLED="true"
 # A sensible initial value
 STROOM_PROXY_REMOTE_JAVA_OPTS="-Xms50m -Xmx2g "
-# This is a remote forwarding proxy so want storing
-STROOM_PROXY_REMOTE_STORING_ENABLED="true"
 # Nginx can reverse proxy inside the docker network so use the docker service
 # name instead of the HOST_IP. It also means we can reverse proxy on the default
 # internal app port (8090).

bin/stack/variable_documentation.md

@@ -192,12 +192,6 @@ that is co-located with stroom.
 True if stroom-proxy should verify the hostname against the server certificate
 when making API call, e.g. when checking the feed receipt status.
 
-## STROOM_PROXY_LOCAL_STORING_ENABLED
-
-True if stroom-proxy should store the received data in its local repository.
-Typically this will be true for a local proxy as stroom will read from this
-repository.
-
 ## STROOM_PROXY_REMOTE_CLIENT_KEYSTORE_PASSWORD
 
 The password of the java keystore file that will be used when making API
@@ -270,12 +264,6 @@ The URL that data should be forwarded to, e.g. a downstream stroom or stroom-pro
 True if stroom-proxy should verify the hostname against the server certificate
 when making API call, e.g. when checking the feed receipt status.
 
-## STROOM_PROXY_REMOTE_STORING_ENABLED
-
-True if stroom-proxy should store the received data in its local repository.
-Typically this will be true for a local proxy as stroom will read from this
-repository.
-
 ## STROOM_RACK
 
 DEPRECATED The name/id of the rack in which this stroom instance sits.

dev-resources/compose/containers/stroom-proxy-local.yml

@@ -5,13 +5,12 @@ services:
     environment:
       - DOCKER_HOST_HOSTNAME=${DOCKER_HOST_HOSTNAME:-UNKNOWN}
       - DOCKER_HOST_IP=${DOCKER_HOST_IP:-UNKNOWN}
-      - FORWARDING_ENABLED=${STROOM_PROXY_LOCAL_FORWARDING_ENABLED:-false}
+      - FORWARDING_ENABLED=${STROOM_PROXY_LOCAL_FORWARDING_ENABLED:-true}
       - FORWARD_URL=${STROOM_PROXY_LOCAL_FORWARD_URL:-}
       - JAVA_OPTS=${STROOM_PROXY_LOCAL_JAVA_OPTS:- -Xms50m -Xmx2g}
-      - STORING_ENABLED=${STROOM_PROXY_LOCAL_STORING_ENABLED:-true}
       - FEED_STATUS_URL=${STROOM_PROXY_LOCAL_FEED_STATUS_URL:-https://nginx/api/feedStatus/v1}
-      - USE_DEFAULT_OPEN_ID_CREDENTIALS=${USE_DEFAULT_OPEN_ID_CREDENTIALS:-false}
       - REST_CLIENT_VERIFY_HOSTNAME=${STROOM_PROXY_LOCAL_REST_CLIENT_VERIFY_HOSTNAME:-true}
+      - IDENTITY_PROVIDER_TYPE=${STROOM_PROXY_LOCAL_IDENTITY_PROVIDER_TYPE:-NO_IDP}
     ports:
       # Allow the ports on the docker host to be chaned, internally they are fixed
       - "${STROOM_PROXY_LOCAL_APP_PORT:-8090}:8090"

dev-resources/compose/containers/stroom-proxy-remote.yml

@@ -9,10 +9,9 @@ services:
       - FORWARDING_HOST_VERIFICATION_ENABLED=${STROOM_PROXY_REMOTE_FORWARDING_HOST_VERIFICATION_ENABLED:-true}
       - FORWARD_URL=${STROOM_PROXY_REMOTE_FORWARD_URL:-https://nginx/stroom/datafeed}
       - JAVA_OPTS=${STROOM_PROXY_REMOTE_JAVA_OPTS:- -Xms50m -Xmx2g}
-      - STORING_ENABLED=${STROOM_PROXY_REMOTE_STORING_ENABLED:-true}
       - FEED_STATUS_URL=${STROOM_PROXY_REMOTE_FEED_STATUS_URL:-https://nginx/api/proxy/feedStatus/v1}
-      - USE_DEFAULT_OPEN_ID_CREDENTIALS=${USE_DEFAULT_OPEN_ID_CREDENTIALS:-false}
       - REST_CLIENT_VERIFY_HOSTNAME=${STROOM_PROXY_REMOTE_REST_CLIENT_VERIFY_HOSTNAME:-true}
+      - IDENTITY_PROVIDER_TYPE=${STROOM_PROXY_REMOTE_IDENTITY_PROVIDER_TYPE:-NO_IDP}
     ports:
       # Allow the port on the docker host to be changed, internal are fixed
       - "${STROOM_PROXY_REMOTE_APP_PORT:-9090}:8090"